I think there are people interested in this. I assume, looking at the screenshot, single books will be protected with your method. Especially owners with children are frequently asking for such a possibility to avoid that children start reading not age appropriate books on a family-kindle. I know this for sure from the german "Amazon Kundendiskussion".
The "hide-folders" hack is another possibility for this and the developer is looking for a password protection as well.
Another step could be to protect collections from being openend with a pw. So even the titles would be hidden.

I am much better in having ideas than being able to get them operational ;-) .

Still learning the "install as usual" part. After installing ksonoads patch (5.1.0 severely reduced my customer loyalty), then registering, I suddenly have ads. I see NOW that I needed to add the patch file to CONFIG.TXT. I won't make that mistake again. Do I really have to flash another 5.0.0 kernel and main to fix this?

After rebooting, the ads are gone from the menu, but still there in screensavers, and amazon downloaded and installed a BlackJack card game on my K5. Huh? I do not remember asking for that. It does look nice though, but all those full flash updates are very annoying to me -- I would rather see the ghosting than the flashes.

Still learning the "install as usual" part. After installing ksonoads patch (5.1.0 severely reduced my customer loyalty), then registering, I suddenly have ads. I see NOW that I needed to add the patch file to CONFIG.TXT. I won't make that mistake again. Do I really have to flash another 5.0.0 kernel and main to fix this?

Nope.

If you have the no-ads patch installed, just keep it there. You won't see no ads on the home screen. And if you have it installed and also delete /var/local/adunits, you won't see any ads at all.

^^

PS: I did think about getting rid of the config file (for instance loading all the applicable files in the directory). That would remove one minor nuisance (explicitly adding a file to CONFIG.TXT), but also introduce many potential problems: the configuration file can now provide in-place documentation, it can be used to easily enable/disable patches, and (not currently used yet) it can guarantee a particular order of loading patches. I decided against getting rid of it, because the latter 3 arguments outweigh the first one, IMO.

Ahh... After updating CONFIG.TXT, first reboot fixed the home screen. After removing adunits folder, NEXT reboot fixed screensavers.

Yes, most things that jbpatch affects require a reboot. This is because classes are only loaded once (on startup, or whenever they are accessed for the first time).

Quote:

Originally Posted by geekmaster

I like this patch thing. Now I want to call my native mode apps from java (security risk and all -- perhaps only "signed" apps to be more secure?)...

EDIT: Actually, just being able to do a client/server thing and have a native app and java app communicate would be great (through a shared file, or a named pipe, if necessary).

Much, if not all, of this, is possible. You may indeed have to circumvent the built-in security mechanisms, but that's pretty easy. For instance: Runtime.exec
...and, of course, there is still LIPC. Amazon probably introduced it to keep their mess of Java, talking to Webkit, talking to native apps, somewhat under control.

which was 758a75d649545ae60f3bf2e90a0c6778 so it wasn't any of the cases in the if-elsif conditions of shell script for manual installation (src folder).

before doing killall cvm, what I did was just to comment out TTS plugin in CONFIG.TXT

EDIT: wth? God damn it! I swear I had ssh access in my diags (I am using MfgTool now)... not the best day apparently!

EDIT 2: I can ping 192.168.15.244.

EDIT 3: (As suggested somewhere in the forum by Geekmaster to wait for a while for the Enable USBnet to start to respond), I now have SSH access in diags mode, so don't panic my friends!!! I think I can easily get KT on her feet... but still ixtab, some of the patches have the potential to brick devices, be vigilant about them.

EDIT 4: I will work on this and post my result OR ask for advice/help in a relevant debricking thread instead of here, as I don't want this thread to deviate. Thanks again.

EDIT 5: So turned out it wasn't ixtab's jbpatch problem (well as far as I can see for now), but it was my fault. I'll explain in case in helps someone in future: I had previous kpatch (I never install any *.bin, as I prefer to install things manually) in /opt/amazon/ebook/bin/init.xargs like this:
-istart kpatcher.jar
instead of
-istart jbpatcher.jar

So I corrected it and restarted. This didn't work and I got same repair error. So I decided to uninstall jbpatch... I did it and then restarted... didn't work! I let the KT sit there for a while! Nothing happened... So I gave up, got tired unplugged the USB cable and wanted to go to bed... I got scared because KT then went to a restart loop, I think for 5-6 times!!! Phew, my KT is back now! So this case is closed. BUT I really don't understand Kindle's Linux... I think we should move and replace it with, I don't know, Android or K-Tizen or ...

If you are interested in this... I don't know. Since there's (fortunately) no "Like" or "+1" button here, you could just click on the Karma button instead. Even better, you could reply to this post. I'm just interested in some feedback about whether this is just wasted time, or if it's indeed something that could be useful to a wider audience.

EDIT 5: So turned out it wasn't ixtab's jbpatch problem (well as far as I can see for now), but it was my fault. I'll explain in case in helps someone in future: I had previous kpatch (I never install any *.bin, as I prefer to install things manually) in /opt/amazon/ebook/bin/init.xargs like this:
-istart kpatcher.jar
instead of
-istart jbpatcher.jar

Yes, having a wrong entry in that file is a sure way to brick your device. You just learned that the hard way

BTW, if you HAD used the installer, the installer would have simply failed WITHOUT bricking the device. Then you could have asked why, and I would have told you

Quote:

Originally Posted by cscat

I SUSPECT there is an issue with the noad patch.

Huh? Why would there be one? Please elaborate on this. The patch works exactly as described.

When you only want to protect the book content, you could add the password to a collection, but only check it, if the collection or a book out of this collection is opened.

But content-protection might not be enough for everybody, because other family members maybe even should not know, that you read a book with a specific title. (Amazon recommended me the book "Read and Masturbate" a few days ago -.-)

Here you go. This patch allows to password-protect any item I have come across so far (though I could only try with books, PDFs, Kindlets, and notifications). It should work for pretty much everything that has a details page (long-click the item), but I cannot be 100% sure.

If you experience any trouble, please let me know. And if you don't, feedback is still appreciated!

Localizations for english, german, french, and italian, are included. Additional localizations are more than welcome, as are corrections to the currently included texts. Simply take a look at (and/or modify) the ixtab-patch-passwd.txt inside the zip, and reply to this thread if you have suggestions.

INSTALLATION:
Copy the attached file directly to the opt/jbpatch/ directory on your Kindle (do NOT unzip the file!). Add the appropriate entry ("ixtab_passwd-5.1.0.zip") to the CONFIG.TXT in that directory, then restart your Kindle.

Technical notes:

Passwords are stored in /var/local/ixtab-patch-passwd.bin. If you remove this file, everything is "unprotected" again. The same is of course true if you disable this patch (duh!).

Collections are not, and will not be, supported.

Passwords are tied to the UUID of an item. The UUID is stable as long as an item exists on the Kindle. If you remove, then re-add, or if you replace an item, the UUID is likely to change (meaning that password-protection will be "lost" and has to be set up again).

So your patch and vaniaspeeds hide folder hack have to be used in combination for those who whant to hide titles as well.

Probably yes. The Kindle is designed to be a consumer product, and a "single-user" one. It wasn't developed with too many security concerns (regarding the user accessing it) in mind, and in principle, I agree with that philosophy (note: for this kind of device).

Supporting true multi-user mode would be a tremendous effort, and the inherently required added complexity could easily scare away the average user.

So: don't give your Kindle to people that you don't trust. For device access control, use the built-in device PIN protection. For restricting access to a specific item, use this patch. For completely hiding the "Read and Masturbate" item from the UI, vaniaspeedy's hack might, or might not, be the solution (I admit I never tried it).

In any case, don't rely on any of these methods for your privacy. All of them can be easily circumvented by simply plugging the Kindle into a computer.

So: don't give your Kindle to people that you don't trust. For device access control, use the built-in device PIN protection. For restricting access to a specific item, use this patch. For completely hiding the "Read and Masturbate" item from the UI, vaniaspeedy's hack might, or might not, be the solution (I admit I never tried it).

+1
Extremely well said (minus the part about not trying my tweak )

Overall it seems like security and privacy has been successfully addressed on all levels. Awesome!

Overall it seems like security and privacy has been successfully addressed on all levels. Awesome!

Security as discussed here still requires PHYSICAL security (not allowing access to the USB port). You need encryption to secure the device when not in your control.

The processor used in the K4 and k5 has hardware AES encryption, if we can learn how to use it. You can do software AES if slower access is acceptable. You can read more information on hardware available in the SoC chips in the freescale reference manuals.

One possibility may be to install truecrypt. Another may be to use AES protected ZIP files. There are many other options, but encryption is the key to privacy and security.